Should You Encrypt Your Home Folder in Linux?

If you value your personal data and passwords, encrypt your home folder

Encrypt My Home Folder

One of the often overlooked installation options that is made available by many Linux installers is to encrypt your home folder. You might think that requiring a user to log in with a password is sufficient to secure your files. You would be wrong. Encrypting your home folder keeps your data and documents safe. 

If you are a Windows user, create a live Linux USB drive and boot into it. Now open the file manager and navigate to your documents and settings folder on the Windows partition.

Unless you have encrypted your Windows partition, you will notice that you can see absolutely everything.

If you are a Linux user, do the same thing. Create a live Linux USB and boot into it. Now mount and open your Linux home partition. If you haven’t encrypted your home partition, you will be able to access everything.

If somebody physically breaks into your house and steals your laptop, can you afford for them to have full access to the files on the hard drive? Probably not

What Kind of Data Do You Store on Your Computer?

Most people keep bank statements, insurance certificates, and letters with account numbers on them. Some people keep a file that contains all their passwords.

Are you the kind of person who logs in to your email and instructs the browser to save the password? Those settings are stored in your home folder as well and could allow somebody to use the same method to automatically log in from your computer to your email or—even worse—your PayPal account.

So, Your Home Folder Isn't Encrypted

If you've already installed Linux, and you didn't choose the option to encrypt your home partition, you have three options:

  • Do nothing because you have nothing worth stealing anyway.
  • Reinstall your operating system and choose the encrypt-your-home-folder option.
  • Encrypt your home partition now manually.

    Obviously, the best option if you already have Linux installed is to encrypt your home folder manually.

    How to Encrypt Your Home Folder Manually

    To encrypt the home folder manually, first back up your home folder.

    Log in to your account, open your terminal, and enter this command to install the files you need to carry out the encryption process:

    sudo apt-get install ecryptfs-utils

    Create a temporary new user with admin rights. Encrypting a home folder while you're still logged in to that user can cause problems.

    Log in to the new temporary admin account.

    To encrypt the home folder, enter:

    sudo ecryptfs-migrate-home –u “username”

    where "username" is the name of the home folder you want to encrypt.

    Log in to the original account and complete the encryption process. 

    Follow the instruction to add a password to the newly encrypted folder. If you don't see it, enter:


    and add one yourself. 

    Delete the temporary account you created and reboot your system.

    Downsides to Encrypting Data

    There are a few downsides to encrypting your home folder. They are:

    • Your computer may take a performance hit if your home folder is encrypted.
    • If your hard drive fails, it is much easier to recover the data if it isn't encrypted.
    • If you forget your username and password, you lose your data.
    Was this page helpful?